Microsoft Alerts Users to FTM Flaw

Flaw in the File Transfer Manager could enable an attacker to take control of a vulnerable machine.

Microsoft Corp. has alerted some of its customers to a security vulnerability in a software application used to download beta releases and other limited-release software from the companys Web site.
The flaw in the File Transfer Manager could enable an attacker to take control of a vulnerable machine, Microsoft said in its note to customers. The software is distributed only through several Microsoft preferred customer programs, including the Microsoft Developers Network, beta programs, Microsoft Volume Licensing Services and a few other groups.

The company said that the pool of potential customers at risk is small because not every member of the eligible customer programs has installed the FTM and there are some versions of the software that are not vulnerable.

The Redmond, Wash., company encouraged users to upgrade to Version 4.0 of the FTM, which is not vulnerable to the attack.
The note, sent by the Microsoft Security Response Center Tuesday, says, "Microsoft believes that only a small number of customers actually are at risk, but we do urge you to use the following information to ensure that your system is secure."
Users can download the updated version of FTM here.
Related stories: